CVE-2020-12439 Public Disclosure

This post is to notify the community of a potential node vulnerability that has been patched in v3.1.0. More details about the issue, potential impact and the fix can be found at: https://github.com/mimblewimble/grin-security/blob/master/CVEs/CVE-2020-12439.md

There is no evidence of this issue being exploited as it would have required a significant graphrate. In the event that it was, the worst case would likely be a node failing to reach consensus with the rest of the network. All users are encouraged to upgrade to v3.1.0 or later.

9 Likes